Unlock instant, AI-driven research and patent intelligence for your innovation.

Industrial network attack traffic detection method and server

An industrial network and attack traffic technology, applied in the computer field, can solve problems such as low performance, low matching efficiency, and high personnel level requirements, and achieve the effect of enhancing protection functions, improving efficiency and accuracy.

Inactive Publication Date: 2019-12-03
杭州九略智能科技有限公司
View PDF1 Cites 6 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Although the attack detection effect is good, the development of Snort rules requires a high level of personnel, and the matching efficiency is low, and the performance is not high. It is not suitable for industrial networks with high real-time requirements.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Industrial network attack traffic detection method and server
  • Industrial network attack traffic detection method and server
  • Industrial network attack traffic detection method and server

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0035] The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are some of the embodiments of the present invention, but not all of them. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present invention.

[0036] It should be understood that when used in this specification and the appended claims, the terms "comprising" and "comprises" indicate the presence of described features, integers, steps, operations, elements and / or components, but do not exclude one or Presence or addition of multiple other features, integers, steps, operations, elements, components and / or collections thereof.

[0037] It should be noted that the execution body of the metho...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The embodiment of the invention discloses an industrial network attack flow detection method and a server. The method comprises the following steps: receiving an editing operation of a user to generate a configuration file; receiving an import operation of a user to obtain a rule file, wherein the rule file comprises multiple industrial protocol rules, and the industrial protocol rules are industrial network vulnerability description compiled according to Suricata rules; and receiving a starting operation of a user to start Suricata, and carrying out industrial network attack flow detection through the Suricata to obtain a detection log. By implementing the embodiment of the invention, the industrial network attack flow detection is carried out by compiling the industrial protocol vulnerability attack rule by utilizing the advantages of Suricata multithreading and high performance, so that the attack detection efficiency and accuracy are improved, and the industrial network security protection function required by real-time performance is greatly enhanced.

Description

technical field [0001] The invention relates to the field of computer technology, in particular to an industrial network attack flow detection method and a server. Background technique [0002] Industrial control systems are an important part of the country's critical infrastructure. The industrial Internet has more and more connections with traditional IT networks, and the security of industrial networks has attracted more and more attention. According to statistics, hundreds of attacks on industrial network systems occur every year around the world. How to effectively predict and control attacks under the conditions of high real-time and limited resources of industrial networks, that is, industrial network attack traffic detection, is an important issue in the field of industrial security. hot research direction. [0003] At present, existing industrial network attack traffic detection methods, for example, attack rule matching detection based on Snort. Although the att...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/1416H04L63/1425H04L63/1433
Inventor 赵宇杨二伟仪智奇郑国栋
Owner 杭州九略智能科技有限公司